Privacy Policy
Last updated: March 24, 2026
BooCoo ("we," "our," or "the app") is a personal finance application developed by Make Greater LLC, a Wisconsin limited liability company. This privacy policy explains what data BooCoo collects, how it is used, and the choices you have.
We designed BooCoo with privacy in mind. Your financial data is stored on your device and in your personal iCloud account. We do not sell, share, or monetize your financial data.
1. Data We Collect
1.1 Financial Account Data (via Plaid)
When you connect a financial institution through Plaid, the following data is retrieved:
- Account names, types, and balances
- Transaction history (descriptions, amounts, dates, merchants, categories)
- Liability details (credit card APR, loan terms, payment schedules)
- Investment holdings and securities
To retrieve this data, your device communicates with our server, which acts as a secure intermediary between your device and Plaid's API. Financial data (transactions, balances, etc.) passes through our server during sync but is not stored on our server — it is delivered directly to your device and stored locally.
Plaid access tokens — unique keys that authorize BooCoo to retrieve your financial data — are stored on our server (AWS DynamoDB) to enable automatic sync. These are not your bank login credentials; Plaid never shares those with BooCoo.
Plaid's handling of your data is governed by Plaid's End User Privacy Policy.
1.2 Apple Financial Data (via FinanceKit)
If you choose to connect Apple Card, Apple Cash, or Apple Savings, BooCoo accesses this data through Apple's FinanceKit framework. This data:
- Is read directly from your device
- Never leaves your device and is never transmitted to any server
- Includes account balances and transaction history
- Can be revoked at any time in Settings > Privacy & Security > Finance
1.3 Manually Entered Data
You may manually add personal assets (real estate, vehicles, etc.), institutions, accounts, and transactions. This data is stored locally on your device and in your iCloud account.
1.4 Device Information
When you register with BooCoo, we store:
- A unique device identifier (generated by the app, not your hardware ID)
- Your iCloud account identifier (an opaque ID assigned by Apple, used to link your devices — this is not your name or email)
- An authentication token (stored in encrypted form)
This is used to authenticate API requests and manage multi-device access. We do not collect your device's human-readable name.
If you enable push notifications, we also store your push notification token (APNs token) on our server so we can notify you when new transactions are available.
1.5 Biometric Data
BooCoo uses Face ID or Touch ID to authenticate access to your financial data. Biometric data is handled entirely by Apple's Secure Enclave on your device. BooCoo never receives, stores, or transmits your biometric data.
2. How Your Data Is Stored
| Data | Where Stored | Encryption |
|---|---|---|
| Financial data (accounts, transactions, balances) | On-device (SwiftData) + your personal iCloud (CloudKit) | iOS Data Protection + CloudKit encryption |
| Apple FinanceKit data | On-device only | iOS Data Protection |
| Plaid access tokens | On-device (iOS Keychain) + our server (AWS DynamoDB) | Keychain encryption (device) + encrypted at rest (server) |
| Plaid sync metadata | Our server (AWS DynamoDB) | Encrypted at rest |
| Device registration | Our server (AWS) | Encrypted at rest (AWS DynamoDB) |
| Authentication tokens | Our server (hashed) + device Keychain | bcrypt hashed (server) + Keychain (device) |
| Push notification token (APNs) | Our server (AWS DynamoDB) | Encrypted at rest |
| Subscription receipt | Our server (AWS DynamoDB) | Encrypted at rest (Apple-signed JWS) |
| AI feature usage data (message counts, insight counts, timestamps) | Our server (AWS DynamoDB) | Encrypted at rest |
3. How Your Data Is Used
BooCoo uses your data solely to provide the app's financial management features:
- Displaying account balances and net worth
- Categorizing and analyzing transactions
- Generating spending trends and financial projections
- Syncing your data across your personal devices via iCloud
- Authenticating your identity for secure API access
- Securely relaying financial data between Plaid and your device during sync (data passes through our server but is not stored)
- Generating AI-powered observations about your spending trends and responding to financial questions
4. Data We Do NOT Collect or Sell
- We do not use advertising identifiers or track you across apps
- We do not store your bank login credentials (Plaid never shares these with us)
- We do not store your transactions, balances, or spending data on our servers — this data passes through during sync and is delivered to your device
- We do not sell, rent, or share your financial data with third parties
- We do not use your data for marketing purposes
5. Third-Party Services
5.1 Plaid
BooCoo uses Plaid to connect to your financial institutions. When you link an account, Plaid securely accesses your financial data on our behalf. For details on how Plaid handles your data, see Plaid's Privacy Policy.
5.2 Apple (iCloud and FinanceKit)
BooCoo uses Apple's CloudKit to sync your data across your devices via your personal iCloud account. FinanceKit data remains entirely on-device. Apple's handling of iCloud data is governed by Apple's Privacy Policy.
5.3 Amazon Web Services (AWS)
Our backend services run on AWS Lambda. Our server acts as a secure intermediary for Plaid API communication and subscription validation:
- Plaid access tokens are stored on our server (DynamoDB) to enable automatic transaction sync
- Transaction and balance data passes through our server during sync but is not stored
- Device registration, push notification tokens, and Plaid connection metadata are stored server-side
- Subscription receipts (Apple-signed JWS tokens) are sent to our server for entitlement validation and stored alongside your device ID
- Server logs (AWS CloudWatch) may temporarily contain sync request metadata and are retained for 90 days before automatic deletion
5.4 Anthropic (AI Features)
BooCoo's Insights and Ask BooCoo features are powered by Anthropic's Claude API. No individual transactions, merchant names, account numbers, or institution names are ever sent to Anthropic. What is sent is an aggregated summary generated on your device:
- Account types and total balances
- Category-level spending totals by time period
- Financial Vitals scores, burn rate, and runway figures
- Time-period context (day of month, days remaining in period)
This data is sent through our server (AWS Lambda) to Anthropic's API and back to your device. Your financial data is not stored on our server. Anthropic retains API inputs for up to 30 days for trust and safety review, then deletes them. Anthropic does not use API data to train its models.
Ask BooCoo conversation history is stored on your device only and is not sent to our server.
Usage data for AI features — message counts, insight counts, and timestamps — is stored on our server (AWS DynamoDB) with a 90-day retention period and then automatically deleted.
For details on how Anthropic handles data, see Anthropic's Privacy Policy.
6. Server-Side Data
For full transparency, here is exactly what is stored on our server:
- Device registration: Device ID (app-generated), iCloud account identifier (opaque, assigned by Apple), authentication token hash
- User account: User ID, device count, last active timestamp
- Push notifications: APNs device token (if notifications are enabled)
- Subscription entitlement: Apple-signed JWS transaction receipt, device ID, subscription tier
- Plaid connection metadata: Institution name, Plaid access token, sync cursor, sync timestamps, connection status, error states
- AI feature usage: Message count, insight count, last usage timestamps (90-day TTL, automatically deleted)
The following data is not stored on our server:
- Individual transactions or transaction history
- Account balances or account numbers
- Merchant names or spending categories
- Your bank login credentials
- Any Apple FinanceKit data
7. Data Retention and Deletion
| Data | Retention Period | How to Delete |
|---|---|---|
| On-device financial data | Until you delete it | Delete a document in-app, or delete the app |
| iCloud data | Until you delete it | Delete in-app, or remove BooCoo data in iOS Settings > iCloud |
| Plaid access tokens (server) | Until institution is disconnected | Disconnect institution in-app, or revoke at my.plaid.com |
| Device registration (server) | Until you request deletion | Use the "Delete My Data" option in-app, or contact us |
| Server logs (CloudWatch) | 90 days | Automatically deleted |
| AI feature usage data | 90 days | Automatically deleted |
| AI data sent to Anthropic | Up to 30 days (Anthropic retention) | Deleted by Anthropic after trust & safety review |
| FinanceKit data | While access is granted | Revoke in iOS Settings > Privacy & Security > Finance |
Primary deletion method: Use the "Delete My Data" option within the app. Because BooCoo does not collect your name or email address, the in-app deletion feature is the most reliable way to delete your server-side data — the app can securely identify your account using credentials stored on your device.
If you are unable to use the in-app option, you may contact us at [email protected] with your device identifier (found in the app's settings) so we can locate and delete your records. If we cannot verify your identity, we will inform you and provide guidance on alternative steps. We will respond to all deletion requests within 30 days.
8. Security
We implement reasonable administrative, technical, and physical safeguards to protect your data:
- All communication between the app and our servers uses TLS (HTTPS) encryption in transit
- Plaid access tokens are stored in AWS DynamoDB with encryption at rest
- Authentication tokens are bcrypt-hashed before server storage
- On-device data is protected by iOS Data Protection (hardware encryption)
- Sensitive credentials on-device are stored in the iOS Keychain
- Biometric authentication (Face ID / Touch ID) is available to restrict app access
No method of electronic storage or transmission is 100% secure. While we strive to protect your personal information, we cannot guarantee its absolute security.
9. Your Rights and Choices
- Disconnect institutions at any time within the app
- Revoke FinanceKit access in iOS Settings
- Export your data using the app's backup feature
- Delete your data by removing documents or deleting the app
- Delete server-side data using the "Delete My Data" option in the app
- Request account deletion by contacting us at [email protected]
California Residents (CCPA / CPRA)
If you are a California resident, the California Consumer Privacy Act (as amended by the California Privacy Rights Act) provides you with additional rights:
- Right to Know: You may request the categories and specific pieces of personal information we have collected about you.
- Right to Delete: You may request that we delete your personal information, subject to certain exceptions.
- Right to Correct: You may request that we correct inaccurate personal information.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
Categories of personal information collected:
| CCPA Category | Examples | Collected? |
|---|---|---|
| Identifiers | Device ID (app-generated) | Yes |
| Financial information | Account balances, transactions (on-device and iCloud only) | Yes (on-device only) |
| Internet or network activity | Sync request logs | Yes (server logs, 90-day retention) |
| Commercial information | Subscription receipt (Apple-signed, sent to server for validation) | Yes (receipt sent to server for entitlement validation) |
| Geolocation data | N/A | No |
| Biometric information | N/A (handled by Apple Secure Enclave) | No |
To exercise your CCPA rights, contact us at [email protected]. We will verify your identity before processing your request and respond within 45 days.
10. Do Not Sell or Share My Personal Information
We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. Because we do not sell or share personal information, there is no need to opt out — but we state this explicitly as required by California law.
11. Data Breach Notification
In the event of a data breach that affects your personal information, we will:
- Investigate the breach and take steps to contain it
- Notify affected users as required by applicable law (including Wisconsin Statute 134.98 and, where applicable, California Civil Code 1798.82)
- Notify relevant regulatory authorities as required
- Provide information about what data was affected and steps you can take to protect yourself
12. Children's Privacy
BooCoo is not intended for use by children under the age of 18. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 18, we will take steps to delete it promptly.
13. International Users
BooCoo is operated from the United States. If you access the app from outside the United States, your data may be transferred to and processed in the United States. By using BooCoo, you consent to this transfer and processing. We are not currently subject to the EU General Data Protection Regulation (GDPR), but we apply the same privacy protections described in this policy to all users regardless of location.
14. Governing Law
This privacy policy is governed by the laws of the State of Wisconsin, United States, without regard to conflict of law principles.
15. Changes to This Policy
We may update this privacy policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and, where practicable, notify you through the app. Continued use of BooCoo after changes are posted constitutes your acceptance of the updated policy.
16. Contact Us
If you have questions about this privacy policy, want to exercise your privacy rights, or want to request data deletion, contact us at:
Make Greater LLC
Email: [email protected]